Old Windows ‘Mock Folders’ UAC bypass used to drop malware
Tags
cmtmf-attack-pattern: Process Injection
maec-delivery-vectors: Watering Hole
attack-pattern: Domains - T1583.001 Domains - T1584.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Process Injection - T1631 Software - T1592.002 Process Injection - T1055
Show in Graph
Common Information
Type Value
UUID b1a952bb-0915-47d1-b1b9-34e17949fb61
Fingerprint 9d8eab5db32f5645
Analysis status DONE
Considered CTI value 0
Text language
Published March 6, 2023, midnight
Added to db March 6, 2023, 11:53 p.m.
Last updated Sept. 13, 2024, 12:46 p.m.
Headline Old Windows ‘Mock Folders’ UAC bypass used to drop malware
Title Old Windows ‘Mock Folders’ UAC bypass used to drop malware
Detected Hints/Tags/Attributes 32/3/3
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/old-windows-mock-folders-uac-bypass-used-to-drop-malware/
Details Source https://www.bleepingcomputer.com/news/security/old-windows-mock-folders-uac-bypass-used-to-drop-malware/?&web_view=true
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 99 Cyware News - Latest Cyber News https://cyware.com/allnews/feed 2024-08-30 22:08
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 10 
easinvoker.exe
Details File 12 
netutils.dll
Details File 10 
kdeco.bat